Structs2 prevents repeated submission of token and structs2token

Structs2 prevents repeated submission of token and structs2token
I. Introduction

Struts2 uses the token Interceptor to check whether the form is submitted repeatedly. It adopts the synchronous token method.

Synchronous token: the server compares the token value contained in the request with the token value saved in the current user session to check whether the request matches. After the request is processed and the reply is sent to the client, a new token will be generated. In addition to sending the token to the client, the old token saved in the user session is also replaced. In this way, if the user goes back to the submission page and submits the request again, the token sent from the client is inconsistent with the token sent from the server, effectively preventing repeated submission.

Implementation Method:
1) token
The token interceptor intercepts the request. If it is a duplicate request, it is directed to the Result named invalid. token.
2) tokenSession
The only difference between the tokenSession interceptor and the token interceptor is that after judging a request as a duplicate request, it is not immediately redirected to the request named invalid. the Result of the token, but first blocks the repeated request until the browser responds to the initial normal request, then you can jump to the Result after processing the normal request.

Ii. token tag

<Package name = "money" namespace = "/money" extends = "struts-default"> <action name = "transfer" class = "com. meetcomet. action. transferAction "> <interceptor-ref name =" defaultStack "/> <! -- Use the token interceptor --> <interceptor-ref name = "token"/> <! -- Output page after interception --> <result name = "invalid. token ">/index. jsp </result> <result name = "success">/welcome. jsp </result> </action> </package>

Enter index. jsp

<S: form action = "transfer" namespace = "/money"> <! --- Token tag ---> <s: token> </s: token> <! --- This label is used to display the error of action. Because this label is set to return to this page after interception, --> <s: actionerror/> <s: textfield label = "Amount" name = "amount" value = "100"/> <s: submit value = "Transfer money"/> </s: form>

There is nothing special about Action. To keep it running for a long time, you can easily submit it again,

public String execute() throws Exception {        Thread.sleep(2000); // to simulate processing time        return SUCCESS;    }

Debugging problem: the token tag does not seem to have any function.

This should be caused by abnormal tomcat deployment. Redeploy to ensure that there is no error during tomcat deployment.

Iii. tokenSession Mode

<action name="transfer2"  class="com.meetcomet.action.transferAction">            <interceptor-ref name="defaultStack" />            <interceptor-ref name="tokenSession" />            <result name="success">/welcome.jsp</result> </action>